package com.visionet.school.app.web.wechat.utils;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

public class CheckSignature {
	/*
	 * 消息验证类
	 * signature 微信加密串
	 * timestamp 时间截
	 * nonce 干扰值
	 */
	public static boolean checkSignature(String signature,String timestamp,String nonce)
    {
		String sign="";
		String tmpStr = null;
		 try {  
			 String token =GetToken.getToken();
		  String[] tmpStrings={token,timestamp,nonce};
	      Arrays.sort(tmpStrings);
	      sign=String.format("{0}{1}{2}", tmpStrings[0],tmpStrings[1],tmpStrings[2]);
	      MessageDigest md = null;  
	        
	
	     
	          md = MessageDigest.getInstance("SHA-1");  
	          // 将三个参数字符串拼接成一个字符串进行sha1加密   
	          byte[] digest = md.digest(sign.getBytes());            
	          tmpStr = new String(digest);
	      } catch (NoSuchAlgorithmException e) {  
	          e.printStackTrace();  
	      }  
	      sign = null;  
	      // 将sha1加密后的字符串可与signature对比，标识该请求来源于微信   
	      return tmpStr != null ? tmpStr.equals(signature.toUpperCase()) : false;  
    }
}
